Cyber-Security-Presentation-2_2017.pptx.ppt
- 1. Cyber Security Threats 2017 CLOUDNEXUS AND FIRST RESOURCE INSURANCE GROUP FEBRUARY 2017
- 2. Principium Technologies, LLC | Founded in 2010 IT Managed Service Provider | http://www.principiumtech.com Jay Rollins, CEO 502-440-1380 | jay@principiumtech.com TechMasters, LLC | Founded in 2015 VoIP Phone Systems | http://www.techmastersky.com Jay Rollins, CEO 502-440-1380 | jay@techmastersky.com + = Copyright 2017 CloudNexus and First Resource Insurance Group
- 3. Christopher Green First Resource Insurance Group http://www.frigroupinc.com/ 9900 Corporate Campus Drive, Suite 3000 Louisville, KY 40223 Tel: 502-657-6320 Fax: 502-657-6321 cgreen@frigroupinc.com Copyright 2017 CloudNexus and First Resource Insurance Group
- 4. Cybersecurity Outlook 2017 Almost one in five small business owners say their company has had a loss of data in the past year. Small business owners are particularly hurt by cyberattacks. According to recent data 63 percent of small business owners view data as their new currency, and that a single data hack could have associated costs ranging from $82,200 to $256,000. - Norman Guadango, Carbonite Copyright 2017 CloudNexus and First Resource Insurance Group
- 5. Hackers: Breaches Headlines Ashley Madison 2015: Many use same passwords, spear phishing campaigns, blackmail targets Twitter: 32 Million Yahoo: 500 Million (LinkedIn, Amazon, Facebook, Credit Cards, ) Security cameras, breachable appliances, access control systems Malware found on all platforms including Apple 2 million new signatures of malware in July 2016 Copyright 2017 CloudNexus and First Resource Insurance Group
- 6. Cyber Security Threats for 2017 Ransomware and Extortion will increase (Stephen Gates, NSFocus) Industrial IoT attacks will increase (Adam Meyer, SurfWatch) Internal Threats will increase (James Maude, Avetco) Physical Security Investments (Ed Solis, CommScope) Hackers are in the Long Game Copyright 2017 CloudNexus and First Resource Insurance Group
- 7. Attack Vectors Hacking (Data theft, corporate espionage, identity theft) Social Engineering (Spear Phishing, Phishing, traditional SE) Internal attacks: Unauthorized access and access control Cloud Attacks and Breaches (Dropbox, iCloud, OneDrive, Etc.) Virus/Malware/Botnet Ransomware and Extortion Copyright 2017 CloudNexus and First Resource Insurance Group
- 8. Legacy Gateway Security Implementation Copyright 2017 CloudNexus and First Resource Insurance Group
- 9. Modern Security Implementation Copyright 2017 CloudNexus and First Resource Insurance Group
- 10. Cyber Security Focus Keeping the Bad Guys out Protecting your Internal Network Recovering from an Attack Copyright 2017 CloudNexus and First Resource Insurance Group
- 11. Business Security: Keep the bad guys out Tools Modern firewall Security Event Manager Spam Filter Policy Monitor 24x7 Security Event and Log Review No local Admins! Patch Management and Passwords (2 Form Factor) Copyright 2017 CloudNexus and First Resource Insurance Group
- 12. External Threat Strategy Raise the bar higher than the next guy Weigh what you automate with what you control through policy and procedure Higher priced experts in most cases are cheaper than the alternatives Constant education on the latest threats must be a priority. The best defense is intelligence. Copyright 2017 CloudNexus and First Resource Insurance Group
- 13. Business Security: Protect from the Inside Tools Anti-virus, Anti-Malware Security Event Manager Modern Firewall Reverse Spam Filter Network Design: Zones (Lessons from Pearl Harbor) Policy Employee Training Data Retention, Email Security, Data Access and Access Control policies Employee Turnover Device Management Copyright 2017 CloudNexus and First Resource Insurance Group
- 14. Importance of Training Free Wifi: Device called wifi pineapple mimics popular banking websites. Pass through pineapple to whatever sites they want and capture user names and passwords. Slowly add botnets, malware and virus. USB drives “dropped” 30 drives, 67 different networks including corporate networks Waterhole attacks: redirect to compromised websites Spear Phishing: Cost one firm $47 million (CEO email wire transfer) Copyright 2017 CloudNexus and First Resource Insurance Group
- 15. Business Security: Attack Recovery Tools Backup, Disaster Recovery and Business Continuity Cyber Security Insurance Policy Communication Plan Recovery Time Objective Recovery Point Objective Incident Source Identification and Quarantine Test, Test, Test Copyright 2017 CloudNexus and First Resource Insurance Group
- 16. Recovery Considerations Attack Source Discovery: 5 minutes to 8 hours Systems Restoration: 20 minutes to 2 weeks Data Loss: 15 minutes to 24 hours Put a real cost to the business loss to truly understand the impact Salary Missed sales Lost data Project delays and associated opportunity cost Copyright 2017 CloudNexus and First Resource Insurance Group
- 17. Warning!!! Tech Speak Coming! Copyright 2017 CloudNexus and First Resource Insurance Group
- 18. Firewall Evolution Packet Inspection: Traffic cop: Can see car, color, plate, make and model and which direction it is coming from but cant see who is driving, what is in the trunk, what is underneath the car Deep Packet Inspection: X-ray vision. Much better than Packet Inspections but even Superman can’t see through lead Encrypted traffic: https traffic is major cause of most breaches. Google prioritizes search results to list https. Ransomware Cryptolocker uses this to explode on a network via webmail Firewall purchased in the past 18-36 months may not be able to inspect https traffic Copyright 2017 CloudNexus and First Resource Insurance Group
- 19. Security Quick Tips Move DNS to trusted DNS source only Restrict outbound VPN connection to trusted users (Ransomeware Call Home) Block outbound SMTP (Botnet Zombies) Restrict outbound SSH connectivity (Remote access Trojan) Restrict download of executable files to admins and trusted users Inspect encrypted traffic Two factor authentication for remote users Block illicit applications (proxy bypass, peer to peer, tor, etc.) Automate alerts and review network traffic frequently Copyright 2017 CloudNexus and First Resource Insurance Group
- 20. What We Provide Fully Managed Cyber Security Service Annual Penetration Testing Secure Network Design Services (HIPAA, FINRA and PCI) 6th Generation Managed Security Appliance Cloud-based EWS (Early Warning System) End-Point protection Spam protection Patch Management Backup, Disaster Recovery and Business Continuity Appliance and Service 24x7 Expert monitoring and remediation services Copyright 2017 CloudNexus and First Resource Insurance Group
- 21. What We Provide Copyright 2017 CloudNexus and First Resource Insurance Group Comprehensive Cyber Insurance Coverage Customized to Meet the Needs of your Business Policy Limits Ranging from $50K - $1M Coverage I – Response Expense Coverage II – Defense and Liability
- 22. Cyber Insurance Coverage’s 1st Party Coverage’s Breach Response Costs, Notification Expenses, Credit Monitoring Network Asset Protection Cyber Extortion Cyber Terrorism Identity Theft Expense Coverage 3rd Party Coverage’s Multimedia Liability Coverage Security & Privacy Liability Coverage Privacy Regulatory Defense & Penalties Copyright 2017 CloudNexus and First Resource Insurance Group
- 23. Thank You! Chris Green 502-657-6320 cgreen@frigroupinc.com Jay Rollins 502-440-1380 jay@principiumtech.com Copyright 2017 CloudNexus and First Resource Insurance Group
Editor's Notes
- #7: As more devices become internet-enabled and accessible and the security measures in place continue to lag behind, the associated risks are on the rise. Aside from the obvious risks for attacks on consumer IoT devices, there is a growing threat against industrial and municipal IoT as well. As leading manufacturers and grid power producers transition to Industry 4.0, sufficient safeguards are lacking. Not only do these IoT devices run the risk of being used to attack others, but their vulnerabilities leave them open to being used against the industrial organizations operating critical infrastructure themselves. This can lead to theft of intellectual property, collecting competitive intelligence, and even the disruption or destruction of critical infrastructure. Not only is the potential scale of these attacks larger, most of these industrial firms do not have the skills in place to deal with web attacks in real-time, which can cause long-lasting, damaging results. This alone will become one of the greatest threats that countries and corporations need to brace themselves for in 2017 and beyond. There are plenty of "As-A- Service" attack capabilities on the Dark Web for hire now and we should expect creative new IoT hack services to pop up in the near future. As organizations adopt more effective strategies to defeat malware, attackers will shift their approach and start to use legitimate credentials and software - think physical insiders, credential theft, man-in-the-app. The increased targeting of social media and personal email bypasses many network defenses, like email scans and URL filters. The most dangerous aspect is how attackers manipulate victims with offers or threats that they would not want to present to an employer, like employment offers or illicit content. Defenders will begin to appreciate that inconsistent user behaviors are the most effective way to differentiate malware and insider threats from safe and acceptable content.